Cyber risks that begin in one place tend to spread worldwide. This means managed service providers (MSPs) must look beyond their clients’ cubicles to see what is going on in other parts of the world so they are not caught off guard by an emerging threat.
Staying ahead of borderless threats
Dinesh Besiahgari, an engineer with Amazon Web Services, states that staying one step ahead of global cyber threats is more important than ever.
“Cybercriminals do not target specific countries; therefore, an attack in Istanbul, Madrid, or London can extend to North American networks in a short time,” Besiahgari says. He also notes that this means that MSPs in charge of protecting critical infrastructure and sensitive data must develop a global cybersecurity awareness strategy.
“Having a local issue becoming a global problem is what happened with the 2023 MOVEit file transfer vulnerability,” Besiahgari points out, adding that what had started as targeted attacks on organizations in Europe became a global crisis impacting thousands of organizations across the globe in a short time, with the cost of remediation costing more than $1 billion. “This is a common case: the exploitation of a vulnerability in one part of the world becoming a worldwide attack.”
AJ Thompson is the Chief Commercial Officer at Northdoor plc, a UK-based IT consultancy. He shares that “the borderless nature of cybersecurity threats requires MSPs and CISOs to be aware of security practices on a global scale.” This awareness is crucial to effectively combat cybersecurity challenges across different regions. This global awareness is essential for effectively addressing cybersecurity challenges.
Proactive strategies for MSPs
Thompson and Besiahgari offer some key strategies MSPs can employ for staying ahead of cross-border cyber risks:
- Implement continuous threat exposure management: This must go beyond traditional vulnerability management to provide real-time threat validation and attack simulation. This approach allows organizations to prioritize threats according to possible business impact so that resources are effectively allocated.
- Make supply chain security a priority: Regularly assess and monitor third-party vendors, with a particular focus on those who have access to sensitive data and systems, and institute carve-out security protocols for each.
- Join the global threat-sharing networks: Collaboration is necessary in waging war against global threats. Join international threat intelligence-sharing forums to gain an early view of emerging risks. These forums also allow you to contribute to the cause of collective defense. Subscribe to reputable threat intelligence feeds that collect data from international sources. Some platforms that can be used include the MITRE ATTACK framework and FS-ISAC for the financial services sector. Other industry-specific ISACs also offer valuable information on current global threats.
- Adapt to geopolitical influences: Geopolitical tension increasingly drives cybersecurity events. Always stay aware of current events, such as international conflicts or policy shifts, that can increase the number of threats. For example, a recent trade dispute led to a 150 percent upswing in China-nexus cyber activity.
- Prepare for ultra-fast attacks: The fastest recorded eCrime breakout time is now as little as 51 seconds, thus organizations must develop and regularly test their rapid response capabilities. Wherever possible, automate initial response actions to keep the speed of modern attacks.
- Mitigate the human factor: Understand that 40 percent of all incidents can be traced back to insider threats. Also, within the last six months, there was a 442-percent jump in vishing (voice phishing) attacks. Thus, it is critical to train every employee thoroughly on security awareness. This training should emphasize recognizing social engineering tactics and encourage sound security practices.
- 24/7 monitoring capabilities: Adopt security monitoring that runs round the clock and accounts for time zone differences to detect new threats no matter where or when they happen. This continuous vigilance can greatly decrease the detection and response time.
- International security relationships: Build relationships with security professionals in different parts of the world. Attending global security forums, conferences, and groups on social media helps share valuable information. This information is often posted before it appears in official reports.
- Automated threat detection systems: Use products that detect and respond to indicators of compromise observed in other geographies, alerting your organization to potential threats and allowing you to build defenses before the threat reaches your infrastructure.
Thompson explains that executing these strategies will significantly improve MSPs’ and CISOs’ global oversight regarding cybersecurity preparedness. In the process, they will equip themselves better to stop and defend against the evolving threat landscape.
Staying ahead of global cyberthreats
To stay ahead of cross-border cyber risks, MSPs need to take a proactive and well-rounded approach. This means managing threats in real time and securing the supply chain. It also requires participating in global networks that share information about threats. Understanding geopolitical influences, preparing for lightning-fast cyberattacks, and addressing human error are key to minimizing risks. By implementing 24/7 monitoring, building international security connections, and using automated threat detection, MSPs can quickly identify and respond to potential dangers. Adopting these strategies will help MSPs better protect critical infrastructure and sensitive data in a more connected world than ever.
Photo: flynt / Shutterstock
